Another reason why SSL client authentication may go bust is that it does not support the inclusion of platform attestations, something that may be required when TPMs become standard. That is, you may [in the future] not be able to access corporate web-mail (or other sensitive web apps) from a machine that does not appear to run a "safe" operating system. Some organizations may not allow employees to access web-mail from an unknown machine even if it is "safe". Alternative authentication mechanisms, typically riding on top of an SSL channel, can with ease provide platform attestations together with the authentication response.
Anders Rundgren
Former member of TrustedComputingGroup

----- Original Message -----
From: "Anders Rundgren" <[EMAIL PROTECTED]>
To: "Mozilla Crypto" <dev-tech-crypto@lists.mozilla.org>
Sent: Friday, June 30, 2006 22:28
Subject: To SSL-client-auth or not to SSL-client-auth, that is the question(?)

Hi,

In theory SSL-client-authentication ought to be the only way to authenticate to web-servers using PKI. In reality this is not the case in many large-scale PKIs. In addition, things have been complicated by the introduction of Microsoft's CardSpace (formerly InfoCards) system, which uses signed XML assertions for login. The question then arises: what should we actually use?

Here come a number of side-effects of using SSL-client-authentication:

a. Typically radically different user-interfaces between authentication and signature operations with respect to certificates
b. Entirely different technical methods for (pre)selecting target certificate(s)
c. That authentication is performed in the transport layer is a disadvantage when using external SSL hardware accelerators
d. A subtle difference between authentication and signing is that signatures do not necessarily require that the issuer is known in advance, while SSL-client-authentication usually does
e. SSL-client-authentication in general has a rather awkward user-interface. This should be compared to other built-in HTTP authentication schemes (like Basic or Digest) which hardly anybody uses because "forms are much prettier"

My conclusion is that it is too early to settle on SSL-client-authentication (only), and that it is important to create a PKI-based alternative that matches form-based authentication. Security-wise there are no differences, assuming appropriate methods are used.

Comments?
Anders Rundgren

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
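The point made at the top of the reply, that an authentication response carried over the SSL channel can include a platform attestation while SSL client authentication itself cannot, as an added example (not code from this thread or from any real product): the relying party verifies a TPM-style quote together with the user's authentication response and binds both to the fresh challenge and to the SSL session. The keys, the known-good PCR digest and the use of HMAC in place of real signatures are constructed stand-ins.

```python
import hashlib
import hmac
import json

# Constructed stand-ins: HMAC keys play the role of the user's signing key and the
# TPM's attestation key, and one known-good PCR digest is the only "safe" platform.
USER_KEY = b"constructed-user-signing-key"
PLATFORM_KEY = b"constructed-tpm-attestation-key"
KNOWN_GOOD_PCR_DIGESTS = {hashlib.sha256(b"constructed-good-boot-measurements").hexdigest()}


def _mac(key: bytes, obj: dict) -> str:
    """Deterministic MAC over a JSON object (stands in for a digital signature)."""
    return hmac.new(key, json.dumps(obj, sort_keys=True).encode(), hashlib.sha256).hexdigest()


def build_response(challenge: bytes, tls_binding: bytes, pcr_digest: str) -> dict:
    """Client side: attestation quote plus user authentication, sent over the SSL channel."""
    # The platform (TPM) attests its PCR state, bound to the server's fresh challenge.
    quote = {"pcr_digest": pcr_digest, "nonce": challenge.hex()}
    body = {
        "challenge": challenge.hex(),
        "tls_binding": tls_binding.hex(),  # ties the response to this SSL session
        "quote": quote,
        "quote_sig": _mac(PLATFORM_KEY, quote),
    }
    # The user's signature covers the attestation, so the two cannot be mixed and matched.
    return {"body": body, "sig": _mac(USER_KEY, body)}


def verify_response(resp: dict, challenge: bytes, tls_binding: bytes) -> tuple[bool, str]:
    """Server side: the checks a relying party applies before granting access."""
    body = resp["body"]
    if not hmac.compare_digest(_mac(USER_KEY, body), resp["sig"]):
        return False, "bad user signature"
    if body["challenge"] != challenge.hex():
        return False, "challenge mismatch (possible replay)"
    if body["tls_binding"] != tls_binding.hex():
        return False, "response not bound to this SSL session"
    quote = body["quote"]
    if not hmac.compare_digest(_mac(PLATFORM_KEY, quote), body["quote_sig"]):
        return False, "bad attestation signature"
    if quote["nonce"] != challenge.hex():
        return False, "stale attestation"
    if quote["pcr_digest"] not in KNOWN_GOOD_PCR_DIGESTS:
        return False, "platform not in a known-good state"
    return True, "ok"
```

The order of checks matters: the user signature is verified first so that nothing inside the body, including the attestation, is trusted before it is known who sent it.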